GUARD-EXAMPLE

This note addresses the question: what is the use of guards in
ACL2? Although we recommend that beginners try to avoid guards for
a while, we hope that the summary here is reasonably self-contained
and will provide a reasonable introduction to guards in ACL2. For a
more systematic discussion, see guard. For a summary of that
topic, see guard-quick-reference.

Before we get into the issue of guards, let us note that there are
two important ``modes'':

set-guard-checking -- ``Should runtime guard violations signal an
error (:all, and usually with t or :nowarn) or go undetected
(nil, :none)? Equivalently, are expressions evaluated in Common Lisp
or in the logic?'' (See set-guard-checking.)

Prompt examples

Here some examples of the relation between the ACL2 prompt and the
``modes'' discussed above. Also see default-print-prompt. The
first examples all have ld-skip-proofsp nil; that is, proofs are
not skipped.

The admission of SUM-LIST is trivial, using the relation
O< (which is known to be well-founded on the domain
recognized by O-P) and the measure (ACL2-COUNT X).
We observe that the type of SUM-LIST is described by the
theorem (ACL2-NUMBERP (SUM-LIST X)). We used primitive type
reasoning.

ACL2 Warning [Guards] in TOP-LEVEL: Guard-checking will be inhibited
on recursive calls of the executable counterpart (i.e., in the ACL2
logic) of SUM-LIST. To check guards on all recursive calls:
(set-guard-checking :all)
To leave behavior unchanged except for inhibiting this message:
(set-guard-checking :nowarn)

6
ACL2 !>(sum-list '(1 2 abc 3))

ACL2 Error in TOP-LEVEL: The guard for the function symbol
BINARY-+, which is (AND (ACL2-NUMBERP X) (ACL2-NUMBERP Y)),
is violated by the arguments in the call (+ 'ABC 3).

Perhaps we can prove *1 by induction. Three induction
schemes are suggested by this conjecture. Subsumption
reduces that number to two. However, one of these is flawed
and so we are left with one viable candidate.

ACL2 Error in TOP-LEVEL: The guard for the function symbol
SUM-LIST, which is (INTEGER-LISTP X), is violated by the
arguments in the call (SUM-LIST '(1 2 ABC ...)). See :DOC wet
for how you might be able to get an error backtrace.